[cap-talk] Architectural Choices for Security: terminology
ken
ken at sipantic.net
Fri Nov 16 13:32:00 EST 2007
Will anyone on this list be attending Twenty-Third Annual Computer Security
Applications Conference (ACSAC) December 10-14, 2007, Miami Beach Resort and
Spa, Miami Beach, FL, USA?
If so perhaps we could find time to meet. I have no plan (as yet) to attend
but I am a short drive away.
Ken Hamer-Hodges
ken at sipantic.net
-----Original Message-----
From: cap-talk-bounces at mail.eros-os.org
[mailto:cap-talk-bounces at mail.eros-os.org] On Behalf Of Karp, Alan H
Sent: Friday, November 16, 2007 10:58 AM
To: General discussions concerning capability systems.
Subject: Re: [cap-talk] Architectural Choices for Security: terminology
Bill Frantz wrote:
>
> How about identity-centric and reference-centric
> authorization? (Ducking)
>
Because roles (RBAC) and attributes (PBAC) aren't identities, and not
all authorizations are used as references.
________________________
Alan Karp
Principal Scientist
Virus Safe Computing Initiative
Hewlett-Packard Laboratories
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-7029
https://ecardfile.com/id/Alan_Karp
http://www.hpl.hp.com/personal/Alan_Karp
_______________________________________________
cap-talk mailing list
cap-talk at mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/cap-talk
More information about the cap-talk
mailing list